<?php
require_once 'class/autoload.php';

session_start();

//===== 公共变量


$type = @$_REQUEST['type'];




//===== 检测访问来路
if(!CheckOrigin()){
	exit('10001');	//来路非法
}



//===== ### 退出登陆
if($_REQUEST['type'] == 'exit'){
	$_SESSION['user'] = '';
	$_SESSION['token1'] = '';
	exit('ok');
}

//===== ### 验证token1

$user = I('user','p');
if(!$user){
	exit('10002');
}

$token1 = I('token1','p');
$tmp_arr = array();

if($type != 'login'){ 
	if(!$token1){
		exit('10003');		//缺少必要参数 
	}


	if($user != @$_SESSION['user']){
		exit('10004');			//用户验证
	}


	$token3 = CheckToken1($user,$token1);
	if(!$token3){
		exit('10003');		//token1验证失败
	}
	$tmp_arr['token1'] = $token3;
}




switch($type){

	//删除记事本
	case 'DeleteNotpad':
		$id = intval(I('id','p'));
		if(!$id){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		$pdo = MyPdo::init();
		$sql = 'delete from notpad_info where id = ? and user = ?';
		$res = $pdo->dml($sql,array($id,$user));
		if($res){
			$tmp_arr['stat'] = 'ok';
		}else{
			$tmp_arr['stat'] = 'err2';
		}
		exit(json_encode($tmp_arr));
		break;





	//编辑记事本
	case 'EditNotpad':
		$id = intval(I('id','p'));
		$title = I('title','p');
		if(!$title || !$id){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		$info = I('info','p');
		$pdo = MyPdo::init();
		$sql = 'update notpad_info set title=?,info=? where id=? and user=?';
		$res = $pdo->dml($sql,array($title,$info,$id,$user));
		if($res){
			$tmp_arr['stat'] = 'ok';
		}else{
			$tmp_arr['stat'] = 'err2';
		}
		exit(json_encode($tmp_arr));
		break;




	//获取当前信息
	case 'GetCurrentInfo':
		$id = intval(I('id','p'));
		if(!$id){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		$pdo = MyPdo::init();
		$sql = 'select title,info from notpad_info where id=? and user=?';
		$res = $pdo->dql($sql,array($id,$user),1);
		if(!$res){
			$tmp_arr['stat'] = 'err2';
			exit(json_encode($tmp_arr));
		}
		$tmp_arr['stat'] = 'ok';
		$tmp_arr['data'] = $res;
		exit(json_encode($tmp_arr));
		break;





	//获取记事本列表
	case 'GetNotpadList':
		$search = I('search','p');
		$pdo = MyPdo::init();
		if($search){
			$sql = 'select id,title from notpad_info where user = ? and title like ? or  user = ? and info like ?  order by id desc';
			$res = $pdo->dql($sql,array($user,"%{$search}%",$user,"%{$search}%"));
		}else{
			$sql = 'select id,title from notpad_info where user = ? order by id desc';
			$res = $pdo->dql($sql,array($user));
		}
		if($res){
			$tmp_arr['data'] = $res;
		}else{
			$tmp_arr['data'] = array();
		}
		$tmp_arr['stat'] = 'ok';
		exit(json_encode($tmp_arr));
		break;






	//新建记事本
	case 'create_notpad':
		$title = I('title','p');
		$info = I('info','p');
		if(!$title){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		$pdo = MyPdo::init();
		$sql = 'insert into notpad_info values(null,?,?,?)';
		$res = $pdo->dml($sql,array($user,$title,$info));
		if($res){
			$tmp_arr['stat'] = 'ok';
			exit(json_encode($tmp_arr));
		}else{
			$tmp_arr['stat'] = 'err2';
			exit(json_encode($tmp_arr));
		}


		break;





	//修改密码
	case 'reset_pwd':
		$pwd1 = I('pwd1','p');
		$pwd2 = I('pwd2','p');
		if(!$pwd1 || !$pwd2){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		$pdo = MyPdo::init();
		$sql = 'select pwd from notpad_user where user = ?';
		$res = $pdo->dql($sql,array($user),1);
		if($res && $res['pwd'] == md5($pwd1)){
			$sql2 = 'update notpad_user set pwd = ?';
			$res2 = $pdo->dml($sql2,array(md5($pwd2)));
			if($res2){
				$tmp_arr['stat'] = 'ok';
				exit(json_encode($tmp_arr));
			}
		}
		$tmp_arr['stat'] = 'err2';
		exit(json_encode($tmp_arr));

		break;


	//登陆
	case 'login':
		$user = I('user','p');
		$pwd = I('pwd','p');
		if(!$user || !$pwd){
			$tmp_arr['stat'] = 'err1';
			exit(json_encode($tmp_arr));
		}
		if($_SERVER['SERVER_ADDR'] == '127.0.0.1'){
			$pdo = MyPdo::init();
			$sql = 'select pwd from notpad_user where user = ?';
			$res = $pdo->dql($sql,array($user),1);
			if($res){
				if($res['pwd'] == md5($pwd)){
					$tmp_arr['stat'] = 'ok';
					$tmp_arr['token1'] = GetToken1($user);
					$_SESSION['user'] = $user;
					exit(json_encode($tmp_arr));
				}
			}
			$tmp_arr['stat'] = 'err2';
			exit(json_encode($tmp_arr));
		}else{
			if($user == 'admin1' && $pwd == file_get_contents('../secure')){
				$tmp_arr['stat'] = 'ok';
				$tmp_arr['token1'] = GetToken1($user);
				$_SESSION['user'] = $user;
			}else{
				$tmp_arr['stat'] = 'err2';
			}
		}
		exit(json_encode($tmp_arr));
		break;




	default :
		echo 'default';
	break;


}


